Cyber Security Manager

JOB PURPOSE:

The Cyber Security Manager is responsible for the management and implementation of the global Cyber Security Strategy based on the NIST Cyber Security Framework, to reduce the risk of a Cybersecurity incident according to the risk appetite of HEINEKEN and the Local Operating Company (OpCo) , as well as to raise wider OpCo Cybersecurity awareness.

ACCOUNTABILITIES:

Security Operations:

Advise, communicate, and ensure implementation of the global security standards & procedures by the local OpCo business and GIS teams.

Continuously assesses compliance of the OpCo versus the Information Security Standard (ISS) by testing the ISS controls as detailed in the Information Security Procedure (ISP).

Develops and manages the Information Security action plan to address identified risks and non-compliances

Security Awareness:

Manage /Develop /Improve and assist in the annual deployment of the Security Awareness Program within the OpCos.

Define, design and deploy ongoing educational assets to improve security across OpCos.

Security Strategy:

Responsible for identifying potential risks and recommendations on how to prevent and/or avoid that risk for inclusion in global operational security strategy.

Collaborate with the regional Information Security & Risk Management Manager to understand and develop further the controls and processes required to improve information security.

Innovation:

Accelerates and Drives implementation of new Security strategies and standards from global GIS towards the HEINEKEN OpCos

Research / participate in peer security forums (3rd parties and peers Companies) to identify opportunities to benchmark and continuously improve local implementation of standards and best practices from across IT or from the marketplace

Provide security expertise across multiple technical platforms to various OpCo stakeholders in all phases of solutions development (Ideation, Design, build, test and deploy) and Operations

Coaching and knowledge sharing:

Building risk culture, provide knowledge transfer/sharing and coaching to junior members on security topics.

JOB REQUIREMENTS:

Education Requirements:

Bachelor or master’s degree in information technology, computer science, engineering, or a related discipline.

Certification on different IT Security Topics such as CISA/CISM/CIISP/CEH/CSTA/CSTP/CFIS etc.

Language Requirements:

Good command in English, both written and spoken

Years of Experience:

5 years + of experience in consulting and supporting standard security compliance, and IT security related matter with internal and/or external customers, as well as in team leading.

Has worked with relevant market standards such as ISO 27001, COBIT and relevant laws and regulations such as privacy laws

Additional skills requirements:

Strong Functional and technical knowledge in IT Security matters

Sense of Business Urgency and safe-cautious mind to close critical gaps and reduce any security breach.

Flexibility to adjust to multiple demands, shifting priorities, ambiguity and rapid change.

Ability to work and team with a multitude of different people and different cultures (as appropriate).

Display professionalism, customer service attitude, attention to detail and quality.

Possess strong interpersonal skills, relationship management and negotiation skills, strong verbal and written communication skills.

Develop self and others through continuous learning, sharing best practices, knowledge, and expertise.

Negotiation skills indispensable.